Methods and systems for managing security in a cloud computing environment are provided. Exemplary methods include: gathering data about workloads and applications in the cloud computing environment; updating a graph database using the data, the graph database representing the workloads of the cloud computing environment as nodes and relationships between the workloads as edges; receiving a security template, the security template logically describing targets in the cloud computing environment to be protected and how to protect the targets; creating a security policy using the security template and information in the graph database; and deploying the security policy in the cloud computing environment.
Legal claims defining the scope of protection, as filed with the USPTO.
2. The computer-implemented method of claim 1, wherein the data includes at least one of streaming telemetry from network logs, events from a cloud control plane, and inventory from a configuration management database.
3. The computer-implemented method of claim 1, wherein at least one of the security template and the security policy is one or more of a JavaScript Object Notation document, Jinja document, Jinja2 document, YAML Ain't Markup Language document, and Open Policy Agent rule.
5. The computer-implemented method of claim 1, wherein the deploying is performed by a cloud driver using a topology and inventory of the cloud computing environment, the cloud driver communicating with the cloud computing environment using an application programming interface of the cloud computing environment.
6. The computer-implemented method of claim 1, wherein the cloud computing environment is hosted by a plurality of different cloud services, the different cloud services being at least one of a public cloud, private cloud, and on-premise data center.
10. The system of claim 9, wherein the data includes at least one of streaming telemetry from network logs, events from a cloud control plane, and inventory from a configuration management database.
11. The system of claim 9, wherein at least one of the security template and the security policy is one or more of a JavaScript Object Notation document, Jinja document, Jinja2 document, YAML Ain't Markup Language document, and Open Policy Agent rule.
13. The system of claim 9, wherein the deploying is performed by a cloud driver using a topology and inventory of the cloud computing environment, the cloud driver communicating with the cloud computing environment using an application programming interface of the cloud computing environment.
14. The system of claim 9, wherein the cloud computing environment is hosted by a plurality of different cloud services, the different cloud services being at least one of a public cloud, private cloud, and on-premise data center.
16. The computer-implemented method of claim 1, wherein the recommendation for the security policy is: applications and services are prevented from proper operation by the security policy based on the entropy and the rate of change of the information in the graph database.
17. The system of claim 9, wherein the recommendation for the security policy is: applications and services are prevented from proper operation by the security policy based on the entropy and the rate of change of the information in the graph database.
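The abstract and claims 2, 4, 6 and 16 describe a pipeline (telemetry and inventory in, workload graph, template rendered against the graph, policy deployed through a per-cloud driver, with a recommendation on whether the policy would break observed traffic) without showing what any of those artifacts look like. The following Python sketch is an added illustration of that pipeline; it is not code from the patent or its assignee. The flow records, inventory, IP addresses, tier labels, the JSON template shape, and the entropy and rate-of-change thresholds are all constructed assumptions for this example, and the "cloud driver" records rules instead of calling any real cloud API.

```python
"""Added example (not the patent's code): telemetry -> workload graph ->
template -> policy -> per-cloud deployment, plus a pre-deployment check that
lists observed flows the policy would drop."""
import json
import math
from collections import defaultdict

# Constructed sample telemetry in a VPC-flow-log-like key=value layout.
# Every address, port and timestamp here is made up for this example.
FLOW_LOG = """\
ts=100 src=10.0.1.10 dst=10.0.2.20 dport=5432 proto=tcp action=ACCEPT
ts=101 src=10.0.1.11 dst=10.0.2.20 dport=5432 proto=tcp action=ACCEPT
ts=102 src=10.0.3.30 dst=10.0.2.20 dport=22 proto=tcp action=ACCEPT
ts=103 src=10.0.1.10 dst=10.0.2.20 dport=5432 proto=tcp action=ACCEPT
ts=190 src=10.0.3.31 dst=10.0.2.20 dport=9090 proto=tcp action=ACCEPT
ts=195 src=10.0.1.10 dst=10.0.2.21 dport=5432 proto=tcp action=ACCEPT
"""

# Constructed inventory standing in for the CMDB of claim 2: ip -> attributes.
INVENTORY = {
    "10.0.1.10": {"name": "app-1", "tier": "app", "cloud": "aws"},
    "10.0.1.11": {"name": "app-2", "tier": "app", "cloud": "aws"},
    "10.0.2.20": {"name": "db-1", "tier": "db", "cloud": "aws"},
    "10.0.2.21": {"name": "db-2", "tier": "db", "cloud": "onprem"},
    "10.0.3.30": {"name": "bastion", "tier": "ops", "cloud": "aws"},
    "10.0.3.31": {"name": "scanner", "tier": "ops", "cloud": "aws"},
}

# Assumed JSON template shape: a selector for the targets, an allow-list of
# selectors and ports, and a default action for everything else.
TEMPLATE = {"name": "protect-db-tier", "target": {"tier": "db"},
            "allow_ingress": [{"from": {"tier": "app"}, "ports": [5432]}],
            "default": "deny"}


def parse_flows(text):
    """Parse key=value records; keep only accepted flows (traffic that works today)."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = dict(kv.split("=", 1) for kv in line.split())
        if rec.get("action") != "ACCEPT":
            continue
        rec["ts"], rec["dport"] = int(rec["ts"]), int(rec["dport"])
        flows.append(rec)
    return flows


class WorkloadGraph:
    """Nodes are workloads; edges are observed (src, dst, dport) flows."""
    def __init__(self):
        self.nodes = {}  # name -> attrs (tier, cloud, ip)
        self.edges = {}  # (src, dst, dport) -> {"count", "first", "last"}

    def update(self, inventory, flows):
        for ip, attrs in inventory.items():
            self.nodes[attrs["name"]] = dict(attrs, ip=ip)
        by_ip = {ip: a["name"] for ip, a in inventory.items()}
        for f in flows:
            key = (by_ip[f["src"]], by_ip[f["dst"]], f["dport"])
            e = self.edges.setdefault(key, {"count": 0, "first": f["ts"], "last": f["ts"]})
            e["count"] += 1
            e["first"], e["last"] = min(e["first"], f["ts"]), max(e["last"], f["ts"])

    def select(self, selector):
        """Nodes whose attributes match every key in the selector."""
        return [n for n, a in self.nodes.items() if all(a.get(k) == v for k, v in selector.items())]


def render_policy(template, graph):
    """Expand the logical template into concrete ip/port rules using the graph."""
    rules = []
    for target in graph.select(template["target"]):
        dst = graph.nodes[target]["ip"]
        for rule in template["allow_ingress"]:
            for src in graph.select(rule["from"]):
                for port in rule["ports"]:
                    rules.append({"action": "allow", "src": graph.nodes[src]["ip"], "dst": dst, "dport": port})
        rules.append({"action": template["default"], "src": "any", "dst": dst, "dport": "any"})
    return {"name": template["name"], "rules": rules}


def blocked_edges(policy, graph):
    """Observed edges the rendered policy would drop (deny target, no allow match)."""
    allowed = {(r["src"], r["dst"], r["dport"]) for r in policy["rules"] if r["action"] == "allow"}
    denied = {r["dst"] for r in policy["rules"] if r["action"] == "deny"}
    out = []
    for (src, dst, port), e in graph.edges.items():
        s_ip, d_ip = graph.nodes[src]["ip"], graph.nodes[dst]["ip"]
        if d_ip in denied and (s_ip, d_ip, port) not in allowed:
            out.append((src, dst, port, e["count"]))
    return sorted(out)


def entropy(counts):
    """Shannon entropy (bits) of a hit-count distribution."""
    total = sum(counts)
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def recommend(policy, graph, now, window=20, max_entropy=2.0, max_churn=0.25):
    """Claim-16 style signals over the targets' inbound edges: entropy of the
    hit distribution and the share of edges first seen inside `window`.
    Thresholds are illustrative assumptions, not values from the patent."""
    targets = {r["dst"] for r in policy["rules"]}
    inbound = {k: e for k, e in graph.edges.items() if graph.nodes[k[1]]["ip"] in targets}
    h = entropy([e["count"] for e in inbound.values()]) if inbound else 0.0
    churn = sum(e["first"] >= now - window for e in inbound.values()) / max(len(inbound), 1)
    blocked = blocked_edges(policy, graph)
    if blocked and (h > max_entropy or churn > max_churn):
        verdict = "hold: policy blocks observed flows and the target's traffic graph is still changing"
    elif blocked:
        verdict = "review: policy blocks observed flows"
    else:
        verdict = "deploy"
    return {"entropy": round(h, 3), "rate_of_change": round(churn, 3), "blocked": blocked, "verdict": verdict}


class CloudDriver:
    """Stand-in cloud driver (claims 5/6): routes each rule to the cloud hosting
    its destination workload. Records instead of calling any provider API."""
    def __init__(self, graph):
        self.cloud_of = {a["ip"]: a["cloud"] for a in graph.nodes.values()}
        self.applied = defaultdict(list)

    def deploy(self, policy):
        for rule in policy["rules"]:
            self.applied[self.cloud_of[rule["dst"]]].append(rule)
        return dict(self.applied)


def run(now=200):
    graph = WorkloadGraph()
    graph.update(INVENTORY, parse_flows(FLOW_LOG))
    policy = render_policy(TEMPLATE, graph)
    rec = recommend(policy, graph, now)
    applied = CloudDriver(graph).deploy(policy) if rec["verdict"] == "deploy" else {}
    return policy, rec, applied


if __name__ == "__main__":
    policy, rec, applied = run()
    print(json.dumps({"policy": policy, "recommendation": rec, "applied": applied}, indent=2))
```

On the constructed data the template expands to six rules (two allow and one default deny per database), and the check finds two working flows the policy would cut off (the bastion's SSH and the scanner's port 9090 session into db-1). Because the database tier's inbound edges also show high entropy and two of five edges appeared in the last window, the recommendation is to hold rather than deploy, so the driver applies nothing; with a quieter graph and no blocked flows the same run would push three rules each to the aws and onprem drivers.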
May 31, 2019
February 7, 2023